Split unattributed connections into to Unidentified App and Network Noise

2022-03-09 15:44:54 +01:00
parent 014ac058ce
commit 7a9001b7de
11 changed files with 78 additions and 24 deletions
--- a/network/connection.go
+++ b/network/connection.go
@@ -317,7 +317,11 @@ func NewConnectionFromFirstPacket(pkt packet.Packet) *Connection {
 	proc, inbound, err := process.GetProcessByConnection(pkt.Ctx(), pkt.Info())
 	if err != nil {
 		log.Tracer(pkt.Ctx()).Debugf("network: failed to find process of packet %s: %s", pkt, err)
-		proc = process.GetUnidentifiedProcess(pkt.Ctx())
+		if inbound {
+			proc = process.GetUnsolicitedProcess(pkt.Ctx())
+		} else {
+			proc = process.GetUnidentifiedProcess(pkt.Ctx())
+		}
 	}

 	// Create the (remote) entity.